SlideShare uma empresa Scribd logo
1 de 50
Baixar para ler offline
International E-Discovery: Data
Protection, Privacy, & Cross-Border
               Issues
     Quentin Archer, HoganLovells LLP
 Chris Dale, eDisclosure Information Project
     M. James Daley, Daley & Fey LLP
        Dominic Jaar, KPMG-Canada
    Patrick J. Burke, Guidance Software
Dominic Jaar
                           KPMG Canada
                           djaar@kpmg.ca



• Partner & National Leader, eDiscovery, FTech and Information Management Services
•The Sedona Conference
     WG7 editorial board member
     WG1 and 6 member

Past
•CEO, Canadian Centre for Court Technology
•Founder, Ledjit Consulting
•In-house counsel, Bell Canada
•Litigator, Borden Ladner Gervais



                                                                                     2
Chris Dale
                 eDisclosure Information Project
                 chrisdaleoxford@gmail.com



Carrying information about e-discovery between courts,
lawyers, clients and providers.




                                                         3
Quentin Archer
                   Hogan Lovells International LLP
                   quentin.archer@hoganlovells.com



Immediate Past Co-Chair, The Sedona Conference® Working
Group on International E-Discovery
Partner in the London office of Hogan Lovells International LLP
Specialist for last 25 years in IT, data privacy and e-commerce,
with particular emphasis on international data transfers



                                                                   4
M. James Daley, Esq., CIPP
                      Daley & Fey LLP
                      jdaley@daleylegal.com



Charter Member and Immediate Past Co-Chair, The Sedona Conference®
Working Group on International E-Discovery (2005-2011)
Technologist – Masters in Management of Information Systems
Certified Information Privacy Professional (CIPP/US) -- IAPP
Senior Editor, The Sedona Conference® International Principles on Discovery,
Disclosure and Data Protection (2011)
Co-Editor-in Chief, The Sedona Conference® Framework for Analysis of Cross-
Border Discovery Conflicts (2008)


                                                                               5
Patrick Burke
                          Senior Director & Assistant General Counsel
                          Guidance Software, Inc.
                          patrick.burke@guidancesoftware.com

•   Patrick performs in-house legal functions and works with corporate law departments
    of other companies in the U.S., Europe and Canada to advise them with respect to
    the implementation of defensible in-house e-discovery processes.
•   He serves on the Sedona Conference® Working Group 6 on International Electronic
    Information Management, Discovery & Disclosure, and speaks regularly at legal
    conferences on topics including e-discovery law and best practices, privacy, European
    data protection, digital evidence and cybersecurity.
•   He is an Adjunct Professor at Cardozo School of Law in New York City, where he
    teaches the e-discovery class.


                                                                                            6
Overview of Global Discovery


  •Discovery of documents and electronic information abroad
  is an increasingly important part of litigation
  •Problems with foreign discovery are driven by
  fundamental differences in legal systems and privacy/data
  protection laws
  •U.S. courts are frequently unfamiliar with, or are
  dismissive of foreign restrictions on cross-border discovery
Differing notions of privacy

Privacy is a fundamental right in much of the world
  Definitions of personal data subject to privacy
   protection outside the U.S. are extremely broad
Privacy protections in the U.S. are industry specific
  Personal data subject to protection is limited to
   specific categories (e.g., Social Security
   numbers, medical information, banking data)
Differing Notions of Discovery

  Common law: expansive pre-trial discovery conducted by
  the parties with judicial supervision as needed to resolve
  disputes or manage court calendar
    U.S.
    Canada
    U.K.
The concept of discovery
•   Most EU countries do not have a discovery process in
    their civil procedure
•   Cases are decided primarily on the basis of documents
    submitted by the parties and oral evidence
•   Often this can lead to a cheaper and quicker result
•   But it may also lead to a suspicion of "foreign" court
    orders and document requests




                                                             Page 10
Data Protection, Privacy, Cross-Border

  Distinguish between:
  Common Law countries with a discovery tradition
        England and Wales, Northern Ireland,
         Scotland, Ireland
        USA
        Australia, Canada, Australia, Singapore, Hong
         Kong, New Zealand, India, Malaysia
  Civil Law countries with no discovery tradition
        Most of mainland Europe, former USSR,
         China, Japan, South America, most of Africa
  Other Mixed Jurisdiction, Sharia, Customary Law
                                                         Page 11
Data Protection, Privacy, Cross-Border

  UK, GB, E&W, EU
  United Kingdom
  England, Scotland, Wales, Northern Ireland

   Great Britain
   England, Scotland, Wales

    England and Wales
    Legal Jurisdiction

    European Union
    Economic and political partnership between 27 European countries

                                                                       Page 12
The Hague Convention

Hague Convention on the Taking of Evidence Abroad
(1972)
   An attempt at compromise: a uniform procedure for
    collection of evidence between common law and
    civil law jurisdictions.
   Letters of request (“rogatory”) issue from court in
    one nation to designated central authority (often a
    court) in another, requesting assistance in
    obtaining information
Blocking statutes

 Intended as shields to protect national sovereignty:
    Statutes which restrict cross-border discovery of
     information intended for use in foreign judicial
     proceedings
    Not limited to civil law jurisdictions (Australia and
     Canada have blocking statutes)
    May be general (France and Venezuela) or industry-
     specific (e.g., Switzerland re banking information)
Blocking Statutes

 Contrary to certain U.S. and U.K. judicial decisions,
 blocking statutes can have severe consequences
    Venezuela: In Lynondell-Citgo Refining LP v.
     Petroleos de Venezuela, defendant accepted an
     adverse inference instruction rather than turn over
     board minutes and related documents
    France: In re Christopher X: French Supreme Court
     affirmed a criminal conviction for speaking to a
     potential witness about a U.S. lawsuit
Cross-Border Regulations

E.U. Data Protection Directive (95/46)
   States should implement laws to restrict all manner of “processing” of
    “personal data”
   Prohibits transfer of personal data outside the E.U.
    ▫ Exception: the country to which it is transferred provides “adequate
      protection” of personal data (E.U. Directive Article 25)
   Countries who meet the E.U. “Adequate Protection” standard
    ▫ Canada
    ▫ Argentina
    ▫ Switzerland
    ▫ Israel
Personal Data

Broad Definition of “Personal Data” under the
EU Data Protection Directive:
  • Any information that can be used directly or
    indirectly to identify and individual (e.g., the
    name of the sender or recipient(s) of an email.
Personal Data

Potential narrowing of the definition of “Personal Data” in
U.K.
  Durant v. Financial Services Authority, Court of Appeal
   (Civil Division), 2003: “Only information that names
   (the individual) or refers to him” qualifies for protection
   under the Directives and U.K. enabling laws
  Court described its holding as a “a narrow interpretation
   of personal data” and is not universally followed
Additional EU Directive Terms

“Data Subject” is usually an individual and sometimes an
employee of a “Data Controller/Employer. However in Italy,
a corporate entity can be a Data Subject as well
“Data Processing” is any Handling of Personal Data outside
the normal use
  Preservation (litigation hold) may be considered processing if it
   involves manipulation of data, such as moving data to a secure
   server or even preserving in place

“Discovery” in U.S. = “Disclosure” in Civil Law Jurisdictions
EU Data Protection Directive

Rule: Any transfer of personal data to a third party requires
justification and – in case of countries outside EEA –
additional safeguards

Statutory Exceptions (Derogations):
  “Transfer necessary to safeguard legitimate interests of parties to
   litigation and no overriding interests of affected individuals”
  “Transfer necessary for exercise or defence of legal claims in court”
  Transmission may require notification/permission of local Data
   Protection Agencies
New EU Data Protection Regulation

 •Adopted by EU Commission on 1/25/12
 •Must be ratified by Council of Europe and
 European Parliament – 2 to 3 year process
 •Objectives: greater uniformity of data protection
 efforts among EU member states; and centralization
 of authority (“one stop shop”) for data protection
 issues for multinational corporations
New EU Data Protection Regulation
 •Single data protection authority for multinationals
 •Significant restriction of employee consent for data processing
 •Elimination of current processing notification requirements
 •Data protection officer if more than 250 global employees
 •“Right to be forgotten” and “Privacy by Design” requirements
 •Notification of data security breaches to regulators and persons;
 •Simplified procedures for transferring personal data outside EU
 •Increased independence and power for DPAs
 •Data protection violation fines -- up to 2 percent of a company’s global annual
 income
Attitude of the courts and regulators
•   Instinctive resort to the "safe" but limited procedures
    available in instruments such as Hague Convention
•   But Hague Convention rarely used
•   Blocking statutes of different kinds exist in several
    countries
•   Data protection laws present a more comprehensive
    block
•   But there is disagreement within the EU over the scope of
    protection
      •   Durant – v – FSA, UK Court of Appeal, 2003


                                                                Page 23
Article 29 Working Party
•   Group established by the 1995 Data Protection Directive
•   Has engaged with Sedona Conference
•   In 2009 issued Working Document on pre-Trial Discovery
    (WP158)
•   Fairly conservative analysis of the subject
•   But conceded that transfers of personal data to the US for
    litigation purposes were permissible subject to safeguards
    including:
      •   Assessment of relevance should be carried out in EU
      •   Only data actually necessary for claims or defences
          should be transferred

                                                                 Page 24
The Sedona Conference
•   Framework for Analysis of Cross-border Discovery
    Conflicts published 2008
•   International Principles and Best Practices on Discovery,
    Disclosure & Data Protection published December 2011
•   Has encouraged a dialogue between EU regulators and
    the US judiciary, with high-level input on both sides
•   Fundamental principles are that personal data should be
    restricted to the level necessary to resolve the issues in
    the case, and that further disclosure should be subject to
    the terms of a protective order


                                                                 Page 25
Latin American Privacy Laws

 Based on Constitutional Right of “Habeas Data”
 (i.e.,“You have the Data):
   Brazil – 1988
   Paraguay
   Peru
   Argentina
   Costa Rica
   Mexico
Evolution of International Privacy Law

Region   Adopted/Considering                       Summary
Mexico   Released draft privacy regulations that   •   Applies to controllers handling “sensitive personal
         work with existing data protection law        data”
                                                   •   Restricts int’l transfer

Russia   Amended privacy law, “On personal         •   Strict privacy stance
         data”                                     •   Permits uninhibited transfer to EU
                                                   •   Empowers a special agency to determine data
                                                       security adequacy

China    Released “Provisions on the               •   Framed around “Internet Information Service
         Administration of Internet Information        Providers” (IISPs)
         Services”                                 •   Restricts IISP’s conduct in various ways
Global E-Discovery
Country                  Summary and recent developments


Hong Kong (Common        •   Special Administrative Region (SAR)
Law)                     •   Uses traditional English discovery law
                         •   Hong Kong International Arbitration Center

China                    •   Transferring state secrets out of country is strictly protected
(Civil Law)
Singapore (Common Law)   •   Have passed an “opt-in” e-discovery system, but seldom used in litigation
                         •   No dedicated data protection or privacy legislation, though some is currently being discussed
                         •   Singapore International Arbitration Centre


South Korea              •   Blocking Statute that applies to cross-border transfers for purpose of foreign litigation


Japan                    •   Japan Privacy Act permits the conditional transfer of personal information from a corporate entity to a
(Civil Law)                  third party; e-discovery still evolving
Global E-Discovery
Country     Law                                Summary
Canada      Ontario Rules of Civil Procedure   •   Directly calls counsel to implement discovery plan that
                                                   incorporates how to handle production of ESI
                                               •   Makes an explicit call for cooperation and meet and confer
                                               •   Requires counsel to confer with the Sedona Canada
                                                   Principles



Australia   Practice Note CM 6                 •   Courts may order electronic format production where “the
                                                   use of technology… will help facilitate the quick,
                                                   inexpensive and efficient resolution of the matter”
                                               •   Pre-discovery and pre-trial checklists; places an
                                                   expectation on counsel that they have considered the
                                                   issues in the list, and are in a position to inform the
                                                   court on how they will be addressed
30
Privacy acts and blocking statutes
                     Federal                                                   Quebec
Foreign Extraterritorial Measures Act   Chapter F-29   Business Concerns Records Act
                                                       R.S.Q., chapter D-12

Personal Information Protection and Electronic         Charter of Human Rights and Freedom           R.S.Q., chapter C-12
Documents Act (PIPEDA) 2000 c.5
Privacy Act                                            Civil Code of Quebec
                                                       L.Q., 1991, c. 64
Chapter P-21
                                                       Act Respecting the Protection of Personal
                                                       Information in the Private Sector R.S.Q., chapter P-39.1

                                                       Act to Establish a Legal Framework for
                                                       Information Technology
                                                       R.S.Q., chapter C-1.1




                                                                                                                            31
Business Concerns Act
R.S.Q., chapter D-12
2.             Subject to section 3, no person shall, pursuant to or under any requirement issued by any legislative, judicial or
administrative authority outside Québec, remove or cause to be removed, or send or cause to be sent, from any place in Québec
to a place outside Québec, any document or résumé or digest of any document relating to any concern.
Exceptions:
3.             The prohibition enacted in section 2 shall not apply in the case of the removal or sending of a document out of
Québec
(a) by an agency, branch, company or firm carrying on business in Québec, to a principal, head office, affiliated company or firm,
agency or branch situated outside Québec, in the ordinary course of their business;
 (b) by or on behalf of a company or person, as defined by the Securities Act, (chapter V-1) carrying on business in Québec, to a
territory subject to another political jurisdiction in which the sale of the securities of such company or person has been authorized;
(c) by or on behalf of any such company or person carrying on business in Québec as a broker, security issuer or salesman
within the meaning of the Securities Act, to a territory subject to another political jurisdiction in which any such company or person
has been registered or is otherwise authorized to carry on business as broker, security issuer or salesman, as the case may be;
 (d) whenever such removal or sending is authorized by any law of Québec or of the Parliament of Canada, in accordance with
their respective jurisdictions.




                                                                                                                                         32
Act Respecting the Protection of Personal Information in the Private Sector
R.S.Q., chapter P-39.1
5. Any person collecting personal information to establish a file on another person or to record personal information in such a file may collect
only the information necessary for the object of the file.

8. A person who collects personal information from the person concerned must, when establishing a file on that person, inform him

                1) of the object of the file;

                2) of the use which will be made of the information and the categories of persons who will have access to it within the
                enterprise;

                3) of the place where the file will be kept and of the rights of access and rectification. […]

12. Once the object of a file has been achieved, no information contained in it may be used otherwise than with the consent of the person
concerned, subject to the time limit prescribed by law or by a retention schedule established by government regulation.

13. No person may communicate to a third person the personal information contained in a file he holds on another person, or use it for
purposes not relevant to the object of the file, unless the person concerned consents thereto or such communication or use is provided for by
this Act.

14. Consent to the collection, communication or use of personal information must be manifest, free, and enlightened, and must be given for
specific purposes. Such consent is valid only for the length of time needed to achieve the purposes for which it was requested.



                                                                                                                                                   33
Data Protection, Privacy, Cross-Border

  US Contra Mundum

  • Collision between US Discovery and everyone else

  • Overbroad even before privacy and data protection
    considerations

  • Aérospatiale, Hague Convention v FRCP

  • Comity analysis supposed to balance competing
    interests

  • Good faith and hardship of compliance

                                                        Page 34
Data Protection, Privacy, Cross-Border

  Aerospatial Comity Analysis
  (1) the importance to the . . . litigation of the documents or other information requested
  (2) the degree of specificity of the request
  (3) whether the information originated in the United States
  (4) the availability of alternative means of securing the information
  (5) the extent to which noncompliance with the request would undermine important
  interests of the United States, or compliance with the request would undermine
  important interests of the state where the information is located


                                            Restatement (Third) of Foreign Relations Law
                                            of the United States
                                                                                               Page 35
Data Protection, Privacy, Cross-Border

  Collision




                                     “There’s going to be a train-
                                     wreck”
                                                Browning Marean




                                                                     Page 36
Data Protection, Privacy, Cross-Border

  The Components

                Article 29 of EU Directive 95/46/EC
                                  +
                Individual State implementations

                                 v
   Restatement (Third) of Foreign Relations Law of the United States
                                 +
                           Aerospatiale

                                                                       Page 37
Data Protection, Privacy, Cross-Border

  The view depends on your vantage-point




                                           Page 38
Data Protection, Privacy, Cross-Border

  Whoever heard of limiting the scope of Discovery?


                          Discovery limited in scope
                                       =
          Intelligent appraisal of issues – what do we really need?
                                       +
                               Protective Order
                                       +
                   Technology to identify and filter quickly



                                                                      Page 39
Data Protection, Privacy, Cross-Border

  Assymetry and Compromise
  • "[m]utual knowledge of all the relevant facts gathered by both
    parties is essential to proper litigation." Hickman v. Taylor (1947)
  • Competition on uneven terms if one party subject to less onerous
    discovery.
  • If you take advantage of US trade, then you must accept its rules
  BUT
  • Compromise is necessary if EU laws are not to be simply ignored


                                                                           Page 40
Data Protection, Privacy, Cross-Border

  A Changing Climate?
   • EU Draft General Data Protection Regulation will tighten rules

   • ABA Report and Resolution 103

   • Sedona Conference – International Principles on Discovery, Disclosure
     & Data Protection

   • Respect, good faith, reasonableness, protective order, discovery
     limited in scope, compliance with Data Protection obligations

   • But…. Trueposition
                                                                             Page 41
Data Protection, Privacy, Cross-Border

  Trueposition – making a monkey of the cheese-eaters
  • Trueposition, Inc. v. LM Ericsson Tel. Co
  • ”Limited Jurisdictional discovery” sought in alleged anti-competitive
    conduct case
  • French Blocking Statute makes discovery unlawful
  • Judge conducts Aérospatiale comity analysis
  • No reference to ABA or Sedona initiatives
  • Assumption that French will not enforce Blocking Statute


                                                                            Page 42
43
44
Comprenez-vous le français?
                         L’argo?
                    Le québécois?
                       Le verlan?




                                Page 45
Work Visa



            46
Page 47
Page 48
REDACTED




           Page 49
Questions?


             Page 50

Mais conteúdo relacionado

Mais procurados

What’s new in Fla. Bar 02.24.17
What’s new in Fla. Bar 02.24.17What’s new in Fla. Bar 02.24.17
What’s new in Fla. Bar 02.24.17Arthur Garcia
 
Clare Lanigan - DRI Training Series: 3. Understanding Copyright
Clare Lanigan - DRI Training Series: 3. Understanding CopyrightClare Lanigan - DRI Training Series: 3. Understanding Copyright
Clare Lanigan - DRI Training Series: 3. Understanding Copyrightdri_ireland
 
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...AltheimPrivacy
 
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...AltheimPrivacy
 
'Introduction to the concept of Open Access and Digital Preservation'
'Introduction to the concept of  Open Access and Digital Preservation''Introduction to the concept of  Open Access and Digital Preservation'
'Introduction to the concept of Open Access and Digital Preservation'dri_ireland
 
Kroll.cross border ediscovery-2016
Kroll.cross border ediscovery-2016Kroll.cross border ediscovery-2016
Kroll.cross border ediscovery-2016Kate Chan
 
Arve Foyen_ IT sourcing outside EU
Arve Foyen_ IT sourcing outside EUArve Foyen_ IT sourcing outside EU
Arve Foyen_ IT sourcing outside EUItera Consulting
 
Rebecca Grant - Researching Your Event
Rebecca Grant - Researching Your EventRebecca Grant - Researching Your Event
Rebecca Grant - Researching Your Eventdri_ireland
 
Metadata Ownership & Metadata Rights
Metadata Ownership & Metadata RightsMetadata Ownership & Metadata Rights
Metadata Ownership & Metadata RightsChelcie Rowell
 
Linked Data and Canadian Legal Resources
Linked Data and Canadian Legal ResourcesLinked Data and Canadian Legal Resources
Linked Data and Canadian Legal ResourcesF. Tim Knight
 
ICANN Rules vs Privacy
ICANN Rules vs PrivacyICANN Rules vs Privacy
ICANN Rules vs PrivacyBlacknight
 
Canadian Regulation Of Controlled Military Goods And Technology May 2010
Canadian Regulation Of Controlled Military Goods And Technology   May 2010Canadian Regulation Of Controlled Military Goods And Technology   May 2010
Canadian Regulation Of Controlled Military Goods And Technology May 2010jboscariol
 
Regulation of Medical Research under European Data Protection
Regulation of Medical Research under European Data ProtectionRegulation of Medical Research under European Data Protection
Regulation of Medical Research under European Data ProtectionDavid Erdos
 
Investigating without running afoul of privacy laws
Investigating without running afoul of privacy lawsInvestigating without running afoul of privacy laws
Investigating without running afoul of privacy lawsDan Michaluk
 
Strong Host Security Policies are Good Business
Strong Host Security Policies are Good BusinessStrong Host Security Policies are Good Business
Strong Host Security Policies are Good BusinessHostingCon
 

Mais procurados (17)

What’s new in Fla. Bar 02.24.17
What’s new in Fla. Bar 02.24.17What’s new in Fla. Bar 02.24.17
What’s new in Fla. Bar 02.24.17
 
Ppt
PptPpt
Ppt
 
Clare Lanigan - DRI Training Series: 3. Understanding Copyright
Clare Lanigan - DRI Training Series: 3. Understanding CopyrightClare Lanigan - DRI Training Series: 3. Understanding Copyright
Clare Lanigan - DRI Training Series: 3. Understanding Copyright
 
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
The EU Data Protection Reform's Impact on Cross Border e-Discovery: new Devel...
 
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
The EU Data Protection Reform's Impact on Cross Border E-discovery; updated h...
 
'Introduction to the concept of Open Access and Digital Preservation'
'Introduction to the concept of  Open Access and Digital Preservation''Introduction to the concept of  Open Access and Digital Preservation'
'Introduction to the concept of Open Access and Digital Preservation'
 
Kroll.cross border ediscovery-2016
Kroll.cross border ediscovery-2016Kroll.cross border ediscovery-2016
Kroll.cross border ediscovery-2016
 
Arve Foyen_ IT sourcing outside EU
Arve Foyen_ IT sourcing outside EUArve Foyen_ IT sourcing outside EU
Arve Foyen_ IT sourcing outside EU
 
Rebecca Grant - Researching Your Event
Rebecca Grant - Researching Your EventRebecca Grant - Researching Your Event
Rebecca Grant - Researching Your Event
 
Metadata Ownership & Metadata Rights
Metadata Ownership & Metadata RightsMetadata Ownership & Metadata Rights
Metadata Ownership & Metadata Rights
 
Linked Data and Canadian Legal Resources
Linked Data and Canadian Legal ResourcesLinked Data and Canadian Legal Resources
Linked Data and Canadian Legal Resources
 
eDiscovery for the Small or Solo Law Firm
eDiscovery for the Small or Solo Law FirmeDiscovery for the Small or Solo Law Firm
eDiscovery for the Small or Solo Law Firm
 
ICANN Rules vs Privacy
ICANN Rules vs PrivacyICANN Rules vs Privacy
ICANN Rules vs Privacy
 
Canadian Regulation Of Controlled Military Goods And Technology May 2010
Canadian Regulation Of Controlled Military Goods And Technology   May 2010Canadian Regulation Of Controlled Military Goods And Technology   May 2010
Canadian Regulation Of Controlled Military Goods And Technology May 2010
 
Regulation of Medical Research under European Data Protection
Regulation of Medical Research under European Data ProtectionRegulation of Medical Research under European Data Protection
Regulation of Medical Research under European Data Protection
 
Investigating without running afoul of privacy laws
Investigating without running afoul of privacy lawsInvestigating without running afoul of privacy laws
Investigating without running afoul of privacy laws
 
Strong Host Security Policies are Good Business
Strong Host Security Policies are Good BusinessStrong Host Security Policies are Good Business
Strong Host Security Policies are Good Business
 

Semelhante a International e discovery ceic 2012d

ACEDS-Kroll Ontrack 2-24-15 Webcast
ACEDS-Kroll Ontrack 2-24-15 WebcastACEDS-Kroll Ontrack 2-24-15 Webcast
ACEDS-Kroll Ontrack 2-24-15 WebcastLogikcull.com
 
Amcto presentation final
Amcto presentation finalAmcto presentation final
Amcto presentation finalDan Michaluk
 
Governance & Ediscovery
Governance & EdiscoveryGovernance & Ediscovery
Governance & EdiscoveryLouise Spiteri
 
The Sedona Canada Panel on Privacy and E-Discovery
The Sedona Canada Panel on Privacy and E-DiscoveryThe Sedona Canada Panel on Privacy and E-Discovery
The Sedona Canada Panel on Privacy and E-DiscoveryDan Michaluk
 
Mind Your Business: Why Privacy Matters to the Successful Enterprise
 Mind Your Business: Why Privacy Matters to the Successful Enterprise Mind Your Business: Why Privacy Matters to the Successful Enterprise
Mind Your Business: Why Privacy Matters to the Successful EnterpriseEric Kavanagh
 
CYBOK: Law and Regulation webinar slides.pdf
CYBOK: Law and Regulation webinar slides.pdfCYBOK: Law and Regulation webinar slides.pdf
CYBOK: Law and Regulation webinar slides.pdfHari319621
 
Who's Afraid of eDiscovery?
Who's Afraid of eDiscovery?Who's Afraid of eDiscovery?
Who's Afraid of eDiscovery?CallPM
 
Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010mleyden
 
2 7-2013-big data and e-discovery
2 7-2013-big data and e-discovery2 7-2013-big data and e-discovery
2 7-2013-big data and e-discoveryExterro
 
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard   Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard   Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard
 
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
Att. patrizia giannini   fordham university new york 19 july 2013 - electroni...Att. patrizia giannini   fordham university new york 19 july 2013 - electroni...
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...Amministratore Bluefactor
 
Ceic 2010 international panel slide deck
Ceic 2010 international panel slide deckCeic 2010 international panel slide deck
Ceic 2010 international panel slide deckJames Daley
 
Safe Harbor Webinar
Safe Harbor WebinarSafe Harbor Webinar
Safe Harbor WebinarEthisphere
 
Proportionality in Ediscovery
Proportionality in EdiscoveryProportionality in Ediscovery
Proportionality in EdiscoveryJosh Kubicki
 
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...Cengage Learning
 
CEIC 2010 international panel
CEIC 2010 international panelCEIC 2010 international panel
CEIC 2010 international panelLedjit
 

Semelhante a International e discovery ceic 2012d (20)

ACEDS-Kroll Ontrack 2-24-15 Webcast
ACEDS-Kroll Ontrack 2-24-15 WebcastACEDS-Kroll Ontrack 2-24-15 Webcast
ACEDS-Kroll Ontrack 2-24-15 Webcast
 
Governance and e-discovery
Governance and e-discoveryGovernance and e-discovery
Governance and e-discovery
 
Amcto presentation final
Amcto presentation finalAmcto presentation final
Amcto presentation final
 
Governance & Ediscovery
Governance & EdiscoveryGovernance & Ediscovery
Governance & Ediscovery
 
The Sedona Canada Panel on Privacy and E-Discovery
The Sedona Canada Panel on Privacy and E-DiscoveryThe Sedona Canada Panel on Privacy and E-Discovery
The Sedona Canada Panel on Privacy and E-Discovery
 
AIIM 2015 - Data Privacy
AIIM 2015 - Data PrivacyAIIM 2015 - Data Privacy
AIIM 2015 - Data Privacy
 
Sible 09
Sible 09Sible 09
Sible 09
 
Mind Your Business: Why Privacy Matters to the Successful Enterprise
 Mind Your Business: Why Privacy Matters to the Successful Enterprise Mind Your Business: Why Privacy Matters to the Successful Enterprise
Mind Your Business: Why Privacy Matters to the Successful Enterprise
 
eDiscovery
eDiscoveryeDiscovery
eDiscovery
 
CYBOK: Law and Regulation webinar slides.pdf
CYBOK: Law and Regulation webinar slides.pdfCYBOK: Law and Regulation webinar slides.pdf
CYBOK: Law and Regulation webinar slides.pdf
 
Who's Afraid of eDiscovery?
Who's Afraid of eDiscovery?Who's Afraid of eDiscovery?
Who's Afraid of eDiscovery?
 
Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010Linking Data: The Legal Implications - SemTech2010
Linking Data: The Legal Implications - SemTech2010
 
2 7-2013-big data and e-discovery
2 7-2013-big data and e-discovery2 7-2013-big data and e-discovery
2 7-2013-big data and e-discovery
 
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard   Legally Compliant Use Of Personal Data In E Social ScienceChristopher Millard   Legally Compliant Use Of Personal Data In E Social Science
Christopher Millard Legally Compliant Use Of Personal Data In E Social Science
 
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
Att. patrizia giannini   fordham university new york 19 july 2013 - electroni...Att. patrizia giannini   fordham university new york 19 july 2013 - electroni...
Att. patrizia giannini fordham university new york 19 july 2013 - electroni...
 
Ceic 2010 international panel slide deck
Ceic 2010 international panel slide deckCeic 2010 international panel slide deck
Ceic 2010 international panel slide deck
 
Safe Harbor Webinar
Safe Harbor WebinarSafe Harbor Webinar
Safe Harbor Webinar
 
Proportionality in Ediscovery
Proportionality in EdiscoveryProportionality in Ediscovery
Proportionality in Ediscovery
 
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
E-Discovery: How do Litigation Hold, BYOD, and Privacy Affect You? - Course T...
 
CEIC 2010 international panel
CEIC 2010 international panelCEIC 2010 international panel
CEIC 2010 international panel
 

Último

NewBase 25 March 2024 Energy News issue - 1710 by Khaled Al Awadi_compress...
NewBase  25 March  2024  Energy News issue - 1710 by Khaled Al Awadi_compress...NewBase  25 March  2024  Energy News issue - 1710 by Khaled Al Awadi_compress...
NewBase 25 March 2024 Energy News issue - 1710 by Khaled Al Awadi_compress...Khaled Al Awadi
 
Developing Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, OursDeveloping Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, OursKaiNexus
 
Cracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptxCracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptxWorkforce Group
 
Data skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story pointsData skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story pointsyasinnathani
 
Amazon ppt.pptx Amazon about the company
Amazon ppt.pptx Amazon about the companyAmazon ppt.pptx Amazon about the company
Amazon ppt.pptx Amazon about the companyfashionfound007
 
Entrepreneurship & organisations: influences and organizations
Entrepreneurship & organisations: influences and organizationsEntrepreneurship & organisations: influences and organizations
Entrepreneurship & organisations: influences and organizationsP&CO
 
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John MeulemansBCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John MeulemansBBPMedia1
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access
 
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISINGUNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISINGlokeshwarmaha
 
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003believeminhh
 
HELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptx
HELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptxHELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptx
HELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptxHelene Heckrotte
 
Borderless Access - Global B2B Panel book-unlock 2024
Borderless Access - Global B2B Panel book-unlock 2024Borderless Access - Global B2B Panel book-unlock 2024
Borderless Access - Global B2B Panel book-unlock 2024Borderless Access
 
Michael Vidyakin: Introduction to PMO (UA)
Michael Vidyakin: Introduction to PMO (UA)Michael Vidyakin: Introduction to PMO (UA)
Michael Vidyakin: Introduction to PMO (UA)Lviv Startup Club
 
Lecture_6.pptx English speaking easyb to
Lecture_6.pptx English speaking easyb toLecture_6.pptx English speaking easyb to
Lecture_6.pptx English speaking easyb toumarfarooquejamali32
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access
 
NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023Steve Rader
 
AMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdf
AMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdfAMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdf
AMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdfJohnCarloValencia4
 
Talent Management research intelligence_13 paradigm shifts_20 March 2024.pdf
Talent Management research intelligence_13 paradigm shifts_20 March 2024.pdfTalent Management research intelligence_13 paradigm shifts_20 March 2024.pdf
Talent Management research intelligence_13 paradigm shifts_20 March 2024.pdfCharles Cotter, PhD
 
Plano de marketing- inglês em formato ppt
Plano de marketing- inglês  em formato pptPlano de marketing- inglês  em formato ppt
Plano de marketing- inglês em formato pptElizangelaSoaresdaCo
 

Último (20)

NewBase 25 March 2024 Energy News issue - 1710 by Khaled Al Awadi_compress...
NewBase  25 March  2024  Energy News issue - 1710 by Khaled Al Awadi_compress...NewBase  25 March  2024  Energy News issue - 1710 by Khaled Al Awadi_compress...
NewBase 25 March 2024 Energy News issue - 1710 by Khaled Al Awadi_compress...
 
Developing Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, OursDeveloping Coaching Skills: Mine, Yours, Ours
Developing Coaching Skills: Mine, Yours, Ours
 
Cracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptxCracking the ‘Business Process Outsourcing’ Code Main.pptx
Cracking the ‘Business Process Outsourcing’ Code Main.pptx
 
Data skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story pointsData skills for Agile Teams- Killing story points
Data skills for Agile Teams- Killing story points
 
Amazon ppt.pptx Amazon about the company
Amazon ppt.pptx Amazon about the companyAmazon ppt.pptx Amazon about the company
Amazon ppt.pptx Amazon about the company
 
Entrepreneurship & organisations: influences and organizations
Entrepreneurship & organisations: influences and organizationsEntrepreneurship & organisations: influences and organizations
Entrepreneurship & organisations: influences and organizations
 
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John MeulemansBCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
BCE24 | Virtual Brand Ambassadors: Making Brands Personal - John Meulemans
 
WAM Corporate Presentation Mar 25 2024.pdf
WAM Corporate Presentation Mar 25 2024.pdfWAM Corporate Presentation Mar 25 2024.pdf
WAM Corporate Presentation Mar 25 2024.pdf
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024
 
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISINGUNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
UNLEASHING THE POWER OF PROGRAMMATIC ADVERTISING
 
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003
The Vietnam Believer Newsletter_MARCH 25, 2024_EN_Vol. 003
 
HELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptx
HELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptxHELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptx
HELENE HECKROTTE'S PROFESSIONAL PORTFOLIO.pptx
 
Borderless Access - Global B2B Panel book-unlock 2024
Borderless Access - Global B2B Panel book-unlock 2024Borderless Access - Global B2B Panel book-unlock 2024
Borderless Access - Global B2B Panel book-unlock 2024
 
Michael Vidyakin: Introduction to PMO (UA)
Michael Vidyakin: Introduction to PMO (UA)Michael Vidyakin: Introduction to PMO (UA)
Michael Vidyakin: Introduction to PMO (UA)
 
Lecture_6.pptx English speaking easyb to
Lecture_6.pptx English speaking easyb toLecture_6.pptx English speaking easyb to
Lecture_6.pptx English speaking easyb to
 
Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024Borderless Access - Global Panel book-unlock 2024
Borderless Access - Global Panel book-unlock 2024
 
NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023NASA CoCEI Scaling Strategy - November 2023
NASA CoCEI Scaling Strategy - November 2023
 
AMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdf
AMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdfAMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdf
AMAZON SELLER VIRTUAL ASSISTANT PRODUCT RESEARCH .pdf
 
Talent Management research intelligence_13 paradigm shifts_20 March 2024.pdf
Talent Management research intelligence_13 paradigm shifts_20 March 2024.pdfTalent Management research intelligence_13 paradigm shifts_20 March 2024.pdf
Talent Management research intelligence_13 paradigm shifts_20 March 2024.pdf
 
Plano de marketing- inglês em formato ppt
Plano de marketing- inglês  em formato pptPlano de marketing- inglês  em formato ppt
Plano de marketing- inglês em formato ppt
 

International e discovery ceic 2012d

  • 1. International E-Discovery: Data Protection, Privacy, & Cross-Border Issues Quentin Archer, HoganLovells LLP Chris Dale, eDisclosure Information Project M. James Daley, Daley & Fey LLP Dominic Jaar, KPMG-Canada Patrick J. Burke, Guidance Software
  • 2. Dominic Jaar KPMG Canada djaar@kpmg.ca • Partner & National Leader, eDiscovery, FTech and Information Management Services •The Sedona Conference  WG7 editorial board member  WG1 and 6 member Past •CEO, Canadian Centre for Court Technology •Founder, Ledjit Consulting •In-house counsel, Bell Canada •Litigator, Borden Ladner Gervais 2
  • 3. Chris Dale eDisclosure Information Project chrisdaleoxford@gmail.com Carrying information about e-discovery between courts, lawyers, clients and providers. 3
  • 4. Quentin Archer Hogan Lovells International LLP quentin.archer@hoganlovells.com Immediate Past Co-Chair, The Sedona Conference® Working Group on International E-Discovery Partner in the London office of Hogan Lovells International LLP Specialist for last 25 years in IT, data privacy and e-commerce, with particular emphasis on international data transfers 4
  • 5. M. James Daley, Esq., CIPP Daley & Fey LLP jdaley@daleylegal.com Charter Member and Immediate Past Co-Chair, The Sedona Conference® Working Group on International E-Discovery (2005-2011) Technologist – Masters in Management of Information Systems Certified Information Privacy Professional (CIPP/US) -- IAPP Senior Editor, The Sedona Conference® International Principles on Discovery, Disclosure and Data Protection (2011) Co-Editor-in Chief, The Sedona Conference® Framework for Analysis of Cross- Border Discovery Conflicts (2008) 5
  • 6. Patrick Burke Senior Director & Assistant General Counsel Guidance Software, Inc. patrick.burke@guidancesoftware.com • Patrick performs in-house legal functions and works with corporate law departments of other companies in the U.S., Europe and Canada to advise them with respect to the implementation of defensible in-house e-discovery processes. • He serves on the Sedona Conference® Working Group 6 on International Electronic Information Management, Discovery & Disclosure, and speaks regularly at legal conferences on topics including e-discovery law and best practices, privacy, European data protection, digital evidence and cybersecurity. • He is an Adjunct Professor at Cardozo School of Law in New York City, where he teaches the e-discovery class. 6
  • 7. Overview of Global Discovery •Discovery of documents and electronic information abroad is an increasingly important part of litigation •Problems with foreign discovery are driven by fundamental differences in legal systems and privacy/data protection laws •U.S. courts are frequently unfamiliar with, or are dismissive of foreign restrictions on cross-border discovery
  • 8. Differing notions of privacy Privacy is a fundamental right in much of the world  Definitions of personal data subject to privacy protection outside the U.S. are extremely broad Privacy protections in the U.S. are industry specific  Personal data subject to protection is limited to specific categories (e.g., Social Security numbers, medical information, banking data)
  • 9. Differing Notions of Discovery Common law: expansive pre-trial discovery conducted by the parties with judicial supervision as needed to resolve disputes or manage court calendar  U.S.  Canada  U.K.
  • 10. The concept of discovery • Most EU countries do not have a discovery process in their civil procedure • Cases are decided primarily on the basis of documents submitted by the parties and oral evidence • Often this can lead to a cheaper and quicker result • But it may also lead to a suspicion of "foreign" court orders and document requests Page 10
  • 11. Data Protection, Privacy, Cross-Border Distinguish between: Common Law countries with a discovery tradition  England and Wales, Northern Ireland, Scotland, Ireland  USA  Australia, Canada, Australia, Singapore, Hong Kong, New Zealand, India, Malaysia Civil Law countries with no discovery tradition  Most of mainland Europe, former USSR, China, Japan, South America, most of Africa Other Mixed Jurisdiction, Sharia, Customary Law Page 11
  • 12. Data Protection, Privacy, Cross-Border UK, GB, E&W, EU United Kingdom England, Scotland, Wales, Northern Ireland Great Britain England, Scotland, Wales England and Wales Legal Jurisdiction European Union Economic and political partnership between 27 European countries Page 12
  • 13. The Hague Convention Hague Convention on the Taking of Evidence Abroad (1972)  An attempt at compromise: a uniform procedure for collection of evidence between common law and civil law jurisdictions.  Letters of request (“rogatory”) issue from court in one nation to designated central authority (often a court) in another, requesting assistance in obtaining information
  • 14. Blocking statutes Intended as shields to protect national sovereignty:  Statutes which restrict cross-border discovery of information intended for use in foreign judicial proceedings  Not limited to civil law jurisdictions (Australia and Canada have blocking statutes)  May be general (France and Venezuela) or industry- specific (e.g., Switzerland re banking information)
  • 15. Blocking Statutes Contrary to certain U.S. and U.K. judicial decisions, blocking statutes can have severe consequences  Venezuela: In Lynondell-Citgo Refining LP v. Petroleos de Venezuela, defendant accepted an adverse inference instruction rather than turn over board minutes and related documents  France: In re Christopher X: French Supreme Court affirmed a criminal conviction for speaking to a potential witness about a U.S. lawsuit
  • 16. Cross-Border Regulations E.U. Data Protection Directive (95/46)  States should implement laws to restrict all manner of “processing” of “personal data”  Prohibits transfer of personal data outside the E.U. ▫ Exception: the country to which it is transferred provides “adequate protection” of personal data (E.U. Directive Article 25)  Countries who meet the E.U. “Adequate Protection” standard ▫ Canada ▫ Argentina ▫ Switzerland ▫ Israel
  • 17. Personal Data Broad Definition of “Personal Data” under the EU Data Protection Directive: • Any information that can be used directly or indirectly to identify and individual (e.g., the name of the sender or recipient(s) of an email.
  • 18. Personal Data Potential narrowing of the definition of “Personal Data” in U.K.  Durant v. Financial Services Authority, Court of Appeal (Civil Division), 2003: “Only information that names (the individual) or refers to him” qualifies for protection under the Directives and U.K. enabling laws  Court described its holding as a “a narrow interpretation of personal data” and is not universally followed
  • 19. Additional EU Directive Terms “Data Subject” is usually an individual and sometimes an employee of a “Data Controller/Employer. However in Italy, a corporate entity can be a Data Subject as well “Data Processing” is any Handling of Personal Data outside the normal use  Preservation (litigation hold) may be considered processing if it involves manipulation of data, such as moving data to a secure server or even preserving in place “Discovery” in U.S. = “Disclosure” in Civil Law Jurisdictions
  • 20. EU Data Protection Directive Rule: Any transfer of personal data to a third party requires justification and – in case of countries outside EEA – additional safeguards Statutory Exceptions (Derogations):  “Transfer necessary to safeguard legitimate interests of parties to litigation and no overriding interests of affected individuals”  “Transfer necessary for exercise or defence of legal claims in court”  Transmission may require notification/permission of local Data Protection Agencies
  • 21. New EU Data Protection Regulation •Adopted by EU Commission on 1/25/12 •Must be ratified by Council of Europe and European Parliament – 2 to 3 year process •Objectives: greater uniformity of data protection efforts among EU member states; and centralization of authority (“one stop shop”) for data protection issues for multinational corporations
  • 22. New EU Data Protection Regulation •Single data protection authority for multinationals •Significant restriction of employee consent for data processing •Elimination of current processing notification requirements •Data protection officer if more than 250 global employees •“Right to be forgotten” and “Privacy by Design” requirements •Notification of data security breaches to regulators and persons; •Simplified procedures for transferring personal data outside EU •Increased independence and power for DPAs •Data protection violation fines -- up to 2 percent of a company’s global annual income
  • 23. Attitude of the courts and regulators • Instinctive resort to the "safe" but limited procedures available in instruments such as Hague Convention • But Hague Convention rarely used • Blocking statutes of different kinds exist in several countries • Data protection laws present a more comprehensive block • But there is disagreement within the EU over the scope of protection • Durant – v – FSA, UK Court of Appeal, 2003 Page 23
  • 24. Article 29 Working Party • Group established by the 1995 Data Protection Directive • Has engaged with Sedona Conference • In 2009 issued Working Document on pre-Trial Discovery (WP158) • Fairly conservative analysis of the subject • But conceded that transfers of personal data to the US for litigation purposes were permissible subject to safeguards including: • Assessment of relevance should be carried out in EU • Only data actually necessary for claims or defences should be transferred Page 24
  • 25. The Sedona Conference • Framework for Analysis of Cross-border Discovery Conflicts published 2008 • International Principles and Best Practices on Discovery, Disclosure & Data Protection published December 2011 • Has encouraged a dialogue between EU regulators and the US judiciary, with high-level input on both sides • Fundamental principles are that personal data should be restricted to the level necessary to resolve the issues in the case, and that further disclosure should be subject to the terms of a protective order Page 25
  • 26. Latin American Privacy Laws Based on Constitutional Right of “Habeas Data” (i.e.,“You have the Data):  Brazil – 1988  Paraguay  Peru  Argentina  Costa Rica  Mexico
  • 27. Evolution of International Privacy Law Region Adopted/Considering Summary Mexico Released draft privacy regulations that • Applies to controllers handling “sensitive personal work with existing data protection law data” • Restricts int’l transfer Russia Amended privacy law, “On personal • Strict privacy stance data” • Permits uninhibited transfer to EU • Empowers a special agency to determine data security adequacy China Released “Provisions on the • Framed around “Internet Information Service Administration of Internet Information Providers” (IISPs) Services” • Restricts IISP’s conduct in various ways
  • 28. Global E-Discovery Country Summary and recent developments Hong Kong (Common • Special Administrative Region (SAR) Law) • Uses traditional English discovery law • Hong Kong International Arbitration Center China • Transferring state secrets out of country is strictly protected (Civil Law) Singapore (Common Law) • Have passed an “opt-in” e-discovery system, but seldom used in litigation • No dedicated data protection or privacy legislation, though some is currently being discussed • Singapore International Arbitration Centre South Korea • Blocking Statute that applies to cross-border transfers for purpose of foreign litigation Japan • Japan Privacy Act permits the conditional transfer of personal information from a corporate entity to a (Civil Law) third party; e-discovery still evolving
  • 29. Global E-Discovery Country Law Summary Canada Ontario Rules of Civil Procedure • Directly calls counsel to implement discovery plan that incorporates how to handle production of ESI • Makes an explicit call for cooperation and meet and confer • Requires counsel to confer with the Sedona Canada Principles Australia Practice Note CM 6 • Courts may order electronic format production where “the use of technology… will help facilitate the quick, inexpensive and efficient resolution of the matter” • Pre-discovery and pre-trial checklists; places an expectation on counsel that they have considered the issues in the list, and are in a position to inform the court on how they will be addressed
  • 30. 30
  • 31. Privacy acts and blocking statutes Federal Quebec Foreign Extraterritorial Measures Act Chapter F-29 Business Concerns Records Act R.S.Q., chapter D-12 Personal Information Protection and Electronic Charter of Human Rights and Freedom R.S.Q., chapter C-12 Documents Act (PIPEDA) 2000 c.5 Privacy Act Civil Code of Quebec L.Q., 1991, c. 64 Chapter P-21 Act Respecting the Protection of Personal Information in the Private Sector R.S.Q., chapter P-39.1 Act to Establish a Legal Framework for Information Technology R.S.Q., chapter C-1.1 31
  • 32. Business Concerns Act R.S.Q., chapter D-12 2. Subject to section 3, no person shall, pursuant to or under any requirement issued by any legislative, judicial or administrative authority outside Québec, remove or cause to be removed, or send or cause to be sent, from any place in Québec to a place outside Québec, any document or résumé or digest of any document relating to any concern. Exceptions: 3. The prohibition enacted in section 2 shall not apply in the case of the removal or sending of a document out of Québec (a) by an agency, branch, company or firm carrying on business in Québec, to a principal, head office, affiliated company or firm, agency or branch situated outside Québec, in the ordinary course of their business; (b) by or on behalf of a company or person, as defined by the Securities Act, (chapter V-1) carrying on business in Québec, to a territory subject to another political jurisdiction in which the sale of the securities of such company or person has been authorized; (c) by or on behalf of any such company or person carrying on business in Québec as a broker, security issuer or salesman within the meaning of the Securities Act, to a territory subject to another political jurisdiction in which any such company or person has been registered or is otherwise authorized to carry on business as broker, security issuer or salesman, as the case may be; (d) whenever such removal or sending is authorized by any law of Québec or of the Parliament of Canada, in accordance with their respective jurisdictions. 32
  • 33. Act Respecting the Protection of Personal Information in the Private Sector R.S.Q., chapter P-39.1 5. Any person collecting personal information to establish a file on another person or to record personal information in such a file may collect only the information necessary for the object of the file. 8. A person who collects personal information from the person concerned must, when establishing a file on that person, inform him 1) of the object of the file; 2) of the use which will be made of the information and the categories of persons who will have access to it within the enterprise; 3) of the place where the file will be kept and of the rights of access and rectification. […] 12. Once the object of a file has been achieved, no information contained in it may be used otherwise than with the consent of the person concerned, subject to the time limit prescribed by law or by a retention schedule established by government regulation. 13. No person may communicate to a third person the personal information contained in a file he holds on another person, or use it for purposes not relevant to the object of the file, unless the person concerned consents thereto or such communication or use is provided for by this Act. 14. Consent to the collection, communication or use of personal information must be manifest, free, and enlightened, and must be given for specific purposes. Such consent is valid only for the length of time needed to achieve the purposes for which it was requested. 33
  • 34. Data Protection, Privacy, Cross-Border US Contra Mundum • Collision between US Discovery and everyone else • Overbroad even before privacy and data protection considerations • Aérospatiale, Hague Convention v FRCP • Comity analysis supposed to balance competing interests • Good faith and hardship of compliance Page 34
  • 35. Data Protection, Privacy, Cross-Border Aerospatial Comity Analysis (1) the importance to the . . . litigation of the documents or other information requested (2) the degree of specificity of the request (3) whether the information originated in the United States (4) the availability of alternative means of securing the information (5) the extent to which noncompliance with the request would undermine important interests of the United States, or compliance with the request would undermine important interests of the state where the information is located Restatement (Third) of Foreign Relations Law of the United States Page 35
  • 36. Data Protection, Privacy, Cross-Border Collision “There’s going to be a train- wreck” Browning Marean Page 36
  • 37. Data Protection, Privacy, Cross-Border The Components Article 29 of EU Directive 95/46/EC + Individual State implementations v Restatement (Third) of Foreign Relations Law of the United States + Aerospatiale Page 37
  • 38. Data Protection, Privacy, Cross-Border The view depends on your vantage-point Page 38
  • 39. Data Protection, Privacy, Cross-Border Whoever heard of limiting the scope of Discovery? Discovery limited in scope = Intelligent appraisal of issues – what do we really need? + Protective Order + Technology to identify and filter quickly Page 39
  • 40. Data Protection, Privacy, Cross-Border Assymetry and Compromise • "[m]utual knowledge of all the relevant facts gathered by both parties is essential to proper litigation." Hickman v. Taylor (1947) • Competition on uneven terms if one party subject to less onerous discovery. • If you take advantage of US trade, then you must accept its rules BUT • Compromise is necessary if EU laws are not to be simply ignored Page 40
  • 41. Data Protection, Privacy, Cross-Border A Changing Climate? • EU Draft General Data Protection Regulation will tighten rules • ABA Report and Resolution 103 • Sedona Conference – International Principles on Discovery, Disclosure & Data Protection • Respect, good faith, reasonableness, protective order, discovery limited in scope, compliance with Data Protection obligations • But…. Trueposition Page 41
  • 42. Data Protection, Privacy, Cross-Border Trueposition – making a monkey of the cheese-eaters • Trueposition, Inc. v. LM Ericsson Tel. Co • ”Limited Jurisdictional discovery” sought in alleged anti-competitive conduct case • French Blocking Statute makes discovery unlawful • Judge conducts Aérospatiale comity analysis • No reference to ABA or Sedona initiatives • Assumption that French will not enforce Blocking Statute Page 42
  • 43. 43
  • 44. 44
  • 45. Comprenez-vous le français? L’argo? Le québécois? Le verlan? Page 45
  • 46. Work Visa 46
  • 49. REDACTED Page 49
  • 50. Questions? Page 50

Notas do Editor

  1. DaleyIncumbent upon counsel to ensure US courts are apprised of any foreign law issues re discovery and/or privacy
  2. Daley
  3. Daley, Jaar, Quentin
  4. Quentin
  5. Chris
  6. Chris
  7. Daley
  8. Daley
  9. Daley
  10. Daley with commentary by others
  11. Daley, others
  12. Daley, Quentin follow up
  13. Daley, Quentin
  14. Daley, Quentin follow
  15. Daley, Quentin
  16. Daley, Quentin
  17. Quentin
  18. Quentin
  19. Quentin
  20. Daley
  21. DaleyIn 2011 we saw many countries establish or re-work existing privacy regimes. In sum, the minefield of international privacy laws grew denser. Mexico – July 2011“sensitive personal data:” data that may reveal information like racial or ethnic origin, health status and religious and moral beliefs—More restrictive than the broad “personal data” definitions seen in other actsSimilar to the directive in many respects, any transfer national or international, hinges on the consent of its data subject.” Exceptions: Some of the exceptions to Mexico’s consent requirement arise when the data transfer is pursuant to a treaty, where the transfer is necessary for health care purposes, where the transfer is made to subsidiaries, affiliates or parent companies of the data controller with the same processes and policies, and when necessary to safeguard public interestRussia – July 2011Russia’s reformed privacy laws still closely align with the strict privacy stance taken by European Union Data Protection Directive 95/46/EC (“the Directive”). Russia’s new statutory scheme permits uninhibited transfer to the EU. Additionally, similar to the need for “adequate” data protection in the Directive, Russia’s law empowers a special agency to determine whether the country’s data security procedures are sufficiently “adequate” to receive personal data from RussiaThe law imparts the Russian Federal Service for Oversight of Communications, Information Technology and Mass Media with the ability to authorize a list of state parties (non-members to the EU) with sufficient personal data protection to qualify to receive personal data.Personal data may be produced pursuant to a treaty or Russian federal law.China“Internet Information Services” defined as “service activities for the provision of information to Internet users over the Internet – it doesn’t operate on “processors” like so many others acts - Service providers must not use personal data without consent,not collect more than the minimum amount of personal information necessary to provide their service,must divulge the method, content and purpose of the collection to the users in express forms without disclosing any information to a third party absent users’ consentIt’s a different approach on protecting personal data. “the collection, use and disclosure of personal information in a manner that recognizes the right of privacy of individuals with respect to their personal information and the need of organizations to collect, use or disclose personal information for purposes that a reasonable person would consider appropriate in the circumstances.”
  22. DaleyE-Discovery law in APAC is evolving at the speed of light, in large part due to high numbers of US companies doing business in the region – and needing to produce information in APAC in US litigation. In addition, companies based in APAC are increasingly being drug into US based litigation. Both of these items are influencing APAC discovery law. Much arbitration occurs in the region, and these matters do involve exchange of ESI.
  23. U.K. Practice DirectionEnacted in 2010 applies to multi-track claims, or at the discretion of the judgeFor cases that trigger the application of the Practice Direction, more involved e-discovery guidelines applyDirection calls parties to “discuss the use of technology in the management of Electronic Documents” prior to the first Case Management Conference, in addition to the electronic information the parties have in their control, the scope of the search for relevant documents, preservation steps taken, cost-sharing and formats for exchanging documents. Some key features of the direction include: a welcome for parties considering keyboard, or tech-assisted review, provisions on how metadata should be handled, and as we discuss later on, a sample questionnaire designed to facilitate counsel communication, and provisions that emphasize that the reasonable search requirement encompasses notions of proportionality so often discussed in US E-discovery commentaryAims to prevent the need for court intervention and avoid penalties for adopting unreasonable approachesCM is an acronym for “Case Management” that is used to signal a section for case management related practice issues in the Practice Notes issued by the Chief Justice. Practice Note CM 6 refers to specifically refers to “Electronic technology in litigation.” Comment: What is included in CM-6 checklists? Required? Examples?Practice Note CM-6 contains two important checklists for practioners: the pre-discovery conference checklist and the pre-trial checklist. Here are the sections of the pre-discovery conference checklist—the areas upon which parties are to align strategies upon:Introduction (The court places an expectation on counsel that they have “considered the issues identified in this Checklist and to be in a position to inform the Court on how the issues are to be addressed prior to or at the first Directions hearing or case management conference”)Scope of discovery (Assess scope with a mind towards speed, costs, efficiency and relevency)Strategies for conducting a reasonable search Management of Electronic Documents (Strategize key stages of the EDRM: “identification, collection, processing, analysis, review and exchange of Electronic Documents)Preservation of Electronic Documents (What strategy will be implemented for preservation?)Timetable and Estimated Costs for Discovery (How much will it cost? How much time will it take?)Privilege (How will the parties grapple with documents flagged as privileged)Document Management Protocol (default, advanced, other?) Pre-Discovery Conference Attendees Areas of disagreement (Address the areas where parties cannot agree)Comment: Info/requirements of doc mgmt protocolsThe Default Document Management Protocol, triggered by expected discoverable documents between 200 and 5000, imposes very comprehensive default provisions. The Default Document Management Protocol describes specifically how documents should be exchanged between parties and to the court. Some types of information addressed contain: what information should be in document descriptions, default file types and other permissible options, procedures for redacting privileged documents and correcting errors, duties for managing de-duplicates, how to name files, and how to handle attachments.This default protocol can be opted out of pursuant to an advanced agreement, and should be If the expected discoverable documents exceeds 5000.Comment: What is included in UK questionnaire? Required? Examples?The UK Electronic Documents Questionnaire is vehicle designed to get information pertinent to e-disclosure exchanged between parties early on in litigation. While parties should consider employing it in any litigation, as it very well may reduce costs that arise down the road, its use is only required if the size or complexity of a case so mandates. The questionnaire can be found in Direction 31B.Examples of Topics covered, in Q & A format, include: Extent of a reasonable search (questions about custodians, dates, forms of documents and databases);Method of search (does counsel think that keywords should be used? Other automated techniques like concept searches?)
  24. Jaar
  25. Jaar
  26. Jaar
  27. Jaar
  28. Chris
  29. Chris
  30. Chris
  31. Chris
  32. Chris
  33. Chris
  34. Chris
  35. Chris
  36. Chris
  37. Dominic